diff --git a/api.go b/api.go
index fac60ae..3878465 100644
--- a/api.go
+++ b/api.go
@@ -159,6 +159,10 @@ func apiStart(br *broker) {
 		isConnect := false
 		devid := ""
 
+		if !cfg.LocalAuth && isLocalRequest(c) {
+			return
+		}
+
 		if strings.HasPrefix(c.Request.URL.Path, "/connect/") {
 			devid = c.Param("devid")
 			if devid == "" {
@@ -340,9 +344,9 @@ func apiStart(br *broker) {
 
 	r.GET("/authorized/:devid", func(c *gin.Context) {
 		devid := c.Param("devid")
-		authorized := false
+		authorized := !cfg.LocalAuth && isLocalRequest(c)
 
-		if devInWhiteList(devid, cfg) {
+		if !authorized && devInWhiteList(devid, cfg) {
 			authorized = true
 		}
 
diff --git a/main.go b/main.go
index f820936..ddafd10 100644
--- a/main.go
+++ b/main.go
@@ -162,6 +162,7 @@ func main() {
 					},
 					&cli.BoolFlag{
 						Name:  "local-auth",
+						Value: true,
 						Usage: "need auth for local",
 					},
 					&cli.BoolFlag{
diff --git a/rttys.conf b/rttys.conf
index 5b7fec4..177946e 100644
--- a/rttys.conf
+++ b/rttys.conf
@@ -31,3 +31,6 @@ db: sqlite://rttys.db
 
 #disable new user sign up
 #disable-sign-up: True
+
+# Local access does not require authentication
+#local-auth: false